2010 5th International Conference on Future Information Technology 2010
DOI: 10.1109/futuretech.2010.5482714
|View full text |Cite
|
Sign up to set email alerts
|

Supporting Secure Embedded Access Control Policy with XACML+XML Security

Abstract: XACML has become the de facto standard for expressing access control policy. Similarly, XML security standards, such as XML encryption and XML digital signature, have been widely deployed for protecting the confidentiality, authenticity and integrity of digital information. In this paper we present a framework of using XACML and XML security to support secure, embedded and fine-grained access control policy. The basic idea is to extend XACML such that access control policy can be embedded with the digital cont… Show more

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
3
1
1

Citation Types

0
7
0

Year Published

2011
2011
2015
2015

Publication Types

Select...
3
1
1

Relationship

0
5

Authors

Journals

citations
Cited by 6 publications
(7 citation statements)
references
References 10 publications
0
7
0
Order By: Relevance
“…Future Work Implementing and testing time-based data expiry using the Smartcard-based solution is left for future work. More research is also needed on how to protect the XACML policies themselves, for example using XML encryption as proposed in [9]. Implementing support for role-based instead of user-based authorisation is also left as future work.…”
Section: Discussionmentioning
confidence: 99%
“…Future Work Implementing and testing time-based data expiry using the Smartcard-based solution is left for future work. More research is also needed on how to protect the XACML policies themselves, for example using XML encryption as proposed in [9]. Implementing support for role-based instead of user-based authorisation is also left as future work.…”
Section: Discussionmentioning
confidence: 99%
“…In addition, the original content can be further divided into multiple parts, each of which encapsulated by its own access control policy, to provide finer grained access control. Since then, we have incorporated XML encryption and XML signature into the XACML policy document to further protect the confidentiality, authenticity, and integrity of the content and the access control policy, both embedded in the same XACML document and both can be sensitive information [7]. Many models have been suggested to extend the Role-based access control (RBAC) model to provide location aware access control.…”
Section: Dep Of Information Science and Technologymentioning
confidence: 99%
“…In [3], the XML-based security standards will be used more and more in terms of an integrated security system, and the possible interaction of different standards was a basic goal in the evolution of XML-based security standards that include XACML and XML Security. The combined use of XACML, XML-ENC, and XML-DSIG in [7] is one more example of constructing an integrated security system focusing on secure, embedded, and fine-grained access control.…”
Section: Dep Of Information Science and Technologymentioning
confidence: 99%
See 2 more Smart Citations